Insider

Get exclusive access to premium articles, product guides, reviews, how-tos, and more from CIO, CSO, Computerworld, InfoWorld, ITworld, and Network World - the best enterprise tech publications in the business. Learn more!

CSO > Password elimination [conceptual password security lock in a trash bin]

How First Citrus Bank got rid of employee passwords

The Florida bank rolled out passwordless authentication in February that relies on device biometrics of their smartphones.

CSO > Phishing attacks that bypass two-factor authentication

Phishing attacks that bypass 2-factor authentication are now easier to execute

Researchers released two tools--Muraen and NecroBrowser--that automate phishing attacks that can bypass 2FA. Most defenses won't stop them.

computer crime scene / hacked / infected / cybercrime / cyberattack

Why businesses don’t report cybercrimes to law enforcement

Law enforcement agencies estimate the number of cybercrimes that go unreported by businesses number in the millions. Here why and when you should report breaches and other cyber attacks.

compliance / control / constraints

5 ways compliance hurts security

The tasks of meeting regulatory requirements and providing true security that actually mitigates risk do not align. Here's how focusing exclusively on compliance can undermine security.

CSO  >  malware / security threat / skull and crossbones on a user's screens

4 tips for getting the most from threat intelligence

It’s easy to gather data on potential threats, but you have to know what to do with that intelligence if you want to improve your security stance.

hackathon students code programmer devops certification by rawpixel unsplash

28 DevSecOps tools for baking security into the development process

Catch and remediate application vulnerabilities earlier and help integrate security in the the development process with these five categories of DevSecOps tools.

Meltdown / Spectre / security vulnerabilities

How to update your Spectre, Meltdown mitigations for the Retpoline mitigation

Intel recently released a new mitigation for Spectre and Meltdown and some of their variants. Called Retpoline, it might not be enabled with the Windows 10 1809 update. Here's how to find out and implement.

Let's Encrypt automated encryption gears

How to automate Let’s Encrypt certificate authority in AWS using PowerShell

You can still automate Let's Encrypt even if your system requires a DNS challenge. Using these PowerShell scripts and Amazon Web Services' DNS service Route 53 will do the trick.

FireMon network security policy management

Review: FireMon clears the clutter for network security policy management

A pioneer in the field of network security policy management, FireMon provides full visibility into networks and devices, and overlays that knowledge with the rules, platforms, hardware and programs designed to protect it.

Asset-recovery team pulls dollar sign back from over the edge of a cliff; hacker/keyboard background

Act fast to recover assets after cyber fraud

Here's what companies can do to recover lost assets in the wake of a data theft or a BEC scam.

man with umbrella in lightning storm risk danger caution storm

How to establish your business’s risk tolerance

Knowing your business risk appetite allows you to align security efforts to the business needs, prioritizing resources and spending on those areas where organizational leaders have the least appetite for risk. Here's how to do it.

file sharing / data sync / shared records / eliminating redundancy of multiple identities

Can the re-use of identity data be a silver bullet for industry?

The ability to re-use identity data for individuals across different systems would greatly simplify authentication. Here's what it would take to make it happen.

security firewall breach hacker privacy battle id work getty

How to spot a scam: 14 red flags to watch for

Does your security awareness training program help your employees learn when someone is trying to scam them?

windows 7 logo on mirrors man with derby hat on dock

How to isolate a Windows 7 machine from your network

If you have a business reason to keep a Windows 7 system active past its 2020 end-of-life date, here's how to keep it from being a security liability on your network.

tip of the iceberg data breach hacked cyber security

Why reported breaches are the tip of the iceberg

Thousands of businesses are breached every day without them even knowing it, compromising payment card data. The EMV chip isn’t the solution, but data devaluation can reduce the impact.

An engineer reviews strategy framework data.

How to implement and use the MITRE ATT&CK framework

The MITRE ATT&CK framework is a popular template for building detection and response programs. Here's what you'll find in its knowledgebase and how you can apply it to your environment.

CSO > Formula One- / Formula 1- / F1-style modeled wireframe race cars with abstract circuit overlay

Haas F1 team leans on service providers as security force multipliers

Formula One racing is expensive and comes with significant security concerns. An outsource-first policy lets a small security team effectively deal with threats at multiple locations.

network security / network traffic scanning connected devices

Review: How Awake Security uncovers malicious intent

This advanced network traffic monitoring platform identifies hidden threats and those that don’t use traditional malware, making it extremely powerful and useful in today’s threat environment.

CSO > Microsoft Azure backups / cloud computing / binary code / data transfer

5 tips for better backups with Azure Backup Agent

Both on-premises and cloud networks need backup solutions that allow you to recover from ransomware attacks quickly. One option is to use the Azure Backup Agent.

CSO  >  secure mergers + acquisitions / handshake offer / extended hand / security shield / circuits

Why security needs to be involved early during mergers and acquisitions

M&A security can often be overlooked during deal making, leading to potential incidents down the line. Here's how UK newspaper Racing Post dealt with three acquisitions in three years, each with its own security requirements.

Load More

Become An Insider

Sign up now and get FREE access to hundreds of Insider articles, guides, reviews, interviews, blogs, and other premium content. Learn more.